Login failure on Management UIs

If you are able to access the Management UIs login page, but the login attempt is failing.

Note: If you are on VMware, some of the following checks involve running kubectl commands on your VMs. To access your VMs for running kubectl commands:
  1. SSH to one of your subsystem VMs as the user 'apicadm', for example: ssh apicadm@mgmt1.example.com
  2. Sudo to the root user: sudo -i
  3. From here you can run kubectl commands, for example:
    # kubectl get pods
    NAME                                                              READY   STATUS      RESTARTS      AGE
    abc-management-analytics-proxy-5f8bcd74c4-jbhch                   1/1     Running     1 (97d ago)   113d
    ...
  4. API Connect pods run in the default namespace on VMware, so you do not need to specify the namespace with -n in the kubectl commands.
Check the logs of the juhu and apim pods at the time of the login attempt to confirm that the login attempt did reach the Management subsystem. For more information on the juhu logs see Unable to access Management UIs. If the login attempt reached the Management subsystem, more details of the login failure for Local User Registry users can be found in the lur pod logs, and for LDAP users in the ldap pods. Example:
# kubectl logs abc-management-lur-8bbc47b54-9vl8q --since=1m -f
...
2022-05-27T13:41:13.511Z audit [4d55be1800dcef18c64e0470484e6eac] START: >>>>>>>> [POST]: /user-login
2022-05-27T13:41:13.704Z lur:error [4d55be1800dcef18c64e0470484e6eac] Requested login, but user, notauser not found in user registry, 
2022-05-27T13:41:13.706Z bhendi:error [4d55be1800dcef18c64e0470484e6eac] Error in POST post:/user-login (user.js:login)
  - status : 401
...